[SCM] Git repository for devscripts branch, squeeze, updated. v2.10.69+squeeze3
James McCoy
jamessan at debian.org
Sat Sep 1 14:59:02 UTC 2012
The following commit has been merged in the squeeze branch:
commit 1bbe2163987c53064a4cd57712927f4b06c01032
Author: Jim Meyering <meyering at redhat.com>
Date: Mon Aug 13 15:44:49 2012 +0200
annotate-output: prevent symlink attack
* annotate-output: Fix to prevent symlink attack: don't delete
safely-created file and reuse its name. Instead, create temporary
directory and create FIFOs therein. Also, be sure to remove
temporaries upon catchable signal.
Signed-off-by: James McCoy <jamessan at debian.org>
diff --git a/scripts/annotate-output.sh b/scripts/annotate-output.sh
index 75c531c..35aa1fc 100755
--- a/scripts/annotate-output.sh
+++ b/scripts/annotate-output.sh
@@ -62,10 +62,14 @@ if [ $# -lt 1 ]; then
exit 1
fi
-OUT=`mktemp /tmp/annotate.XXXXXX` || exit 1
-ERR=`mktemp /tmp/annotate.XXXXXX` || exit 1
+cleanup() { __st=$?; rm -rf "$tmp"; exit $__st; }
+trap cleanup 0
+trap 'exit $?' 1 2 13 15
+
+tmp=$(mktemp -d --tmpdir annotate.XXXXXX) || exit 1
+OUT=$tmp/out
+ERR=$tmp/err
-rm -f $OUT $ERR
mkfifo $OUT $ERR || exit 1
addtime O < $OUT &
--
Git repository for devscripts
More information about the devscripts-devel
mailing list